On target box:
- Check my IP from outside
- curl -s checkip.dyndns.org | sed -e 's/.*Current IP Address: //' -e 's/<.*$//'
- Check what interfaces exist on your box:
- ip addr
- Run a tcpdump
- Also run tcpdump on any gateway between your boxes that you have access to
On own box:
- Fire up netcat try to connect
- nc target_ip target_port
On all boxes:
- Run traceroute and follow the IPs. Do we go to a gateway that we shouldn't?
- mtr 8.8.8.8
- mtr
- See traffic routing rules for this box:
- ip route show
- ip addr
- netstat -ra
- Arping is like ping but lower down, corresponding to layer 2:
- arping 192.168.1.1
Understanding tcpdump:
- Does the first part of the handshake get thru?
- Do we respond to the above handshake?
- Does it go thru the gateway (both ways)?
Other stuff to check on target box:
- sudo iptables -L -n | grep 21
- Is the process listening on that port?
Add an iptables rule to drop outgoing data to 10.1.0.20:
ReplyDeletesudo iptables -A OUTPUT -d 10.1.0.20 -j DROP
remove rule:
sudo iptables -D OUTPUT 1
Use arp:
ReplyDelete/usr/sbin/arp
Lists all ip <-> mac address connections
sidenote: all Pi have a mac address beginning with 'b8:27:eb'